Job PurposeThe Information Security Manager – Egypt establishes, maintains, and continuously improves the information security and cybersecurity posture of PayTabs' Egyptian operations. The role exists for two complementary reasons:Regulatory necessity — to provide a designated, locally accountable security function that satisfies Central Bank of Egypt (CBE) cybersecurity and payment-sector oversight expectations, including local incident notification, reporting, and inspection readiness.Departmental support to the Group — to act as the local execution and assurance layer for the Group Information Security function, extending the reach of the Group Information Security Manager into the Egyptian entity by implementing Group policies, evidencing controls, managing local risk, and reporting upward.Key ResponsibilitiesRegulatory & Compliance (Egypt focus)Own cybersecurity regulatory compliance for PayTabs Egypt and ensure adherence to CBE cybersecurity regulations and the security/governance obligations applicable to payment service providers and payment system operators under the Central Bank and Banking System Law (Law No. 194 of 2020) and related CBE instructions.Maintain compliance with the Egyptian Personal Data Protection Law (Law No. 151 of 2020) in coordination with the Group privacy/DPO function.Prepare, maintain, and submit regulatory notifications and periodic reports to the CBE, including cyber incident notifications within mandated timelines.Coordinate and support CBE inspections, on-site reviews, external audits, and regulatory examinations managing evidence collection, response, and remediation tracking.Maintain a current mapping of local controls to CBE requirements and reconcile them against Group frameworks (ISO 27001, PCI DSS).Governance, Policy & StandardsLocalize and implement Group information security policies, procedures, and standards for the Egyptian entity, adapting them to Egyptian regulatory and legal requirements where needed.Maintain the local control documentation set (policies, procedures, standards, registers) with proper version control and governance approval.Provide local input, papers, and reporting to the Cyber Security Committee.Risk ManagementIdentify, assess, and track information security and cyber risks specific to the Egyptian operation; maintain the local risk register and feed into the Group risk process (ISO 31000-aligned).Track Key Risk Indicators (KRIs) and residual risk for local assets and processes.Conduct and support third-party / supply chain security assessments for Egyptian vendors and service providers.Security Operations & Technical AssuranceOversee local implementation of technical and operational controls (identity and access management, vulnerability management, logging and monitoring, network and endpoint security) in coordination with IT and Group security.Coordinate vulnerability scanning, penetration testing, and remediation for in-scope Egyptian systems.Support PCI DSS scope maintenance, evidence collection, and assessment activities for the Egyptian environment.Incident ManagementAct as local incident coordinator; ensure cyber incidents are detected, triaged, escalated, and reported in line with the Group incident procedure and CBE notification requirements.Maintain local incident records, lead or contribute to post-incident reviews, and track corrective actions to closure.Awareness & CultureDeliver the Group security awareness program locally training, phishing simulations, and role-based awareness adapted to the Arabic/English needs of Egyptian staff.Reporting & Support to the GISMProvide regular, structured reporting to the Group Information Security Manager on local compliance status, risk posture, incidents, KRIs, and remediation progress.Support Group-wide initiatives, audits, and certifications as they apply to Egypt.Liaise with local IT, business, legal, HR, and internal audit functions on behalf of the security function.Required Qualifications & ExperienceBachelor’s degree in computer science, Information Technology, Information Security, or a related field.7+ years of information security experience, with 3+ years in a financial services, fintech, payments, or otherwise regulated environment.Demonstrable knowledge of CBE cybersecurity regulatory requirements and the Egyptian payments/banking regulatory landscape.Working knowledge of PCI DSS, ISO 27001, and ISO 31000.Familiarity with Egypt Data Protection Law 151/2020.Experience supporting regulatory inspections and external audits.Certifications (Preferred)ISO 27001 Lead Implementer / Lead Auditor.CISSP, CISM, or CRISC.A PCI-related qualification is an advantage.Skills & CompetenciesStrong grasp of regulatory compliance and audit management in a financial/payments context.Risk assessment and GRC capability.Technical breadth across core security domains.Excellent stakeholder management; able to operate effectively as a lean/sole local security resource.Fluent Arabic and English essential for regulator liaison and staff communication.Strong documentation, evidence-management, and reporting skills.